Comodo might come back from the grave

Status
Not open for further replies.

Pico

Level 6
Feb 6, 2023
266
This is where the CIS bugs are reported - and NONE of them are confirmed by Comodo. C.O.M.O.D.O. RT is just a community manager\moderator who performs basic triage. They are not a part of Comodo engineering\development. He\she is a go-between for Comodo engineering with the participants on the forum.


There are 14 issues in the CIS\CF public bug tracker (there is also the internal\private Comodo bug tracker which the public does not get to see). The interaction between C.O.M.O.D.O. RT and the people on the forum is not a confirmation of anything. That person is just asking questions back-and-forth, providing steps like "uninstall\re-install" and passing information along to developers, if necessary. Nowhere do they state that anybody from Comodo engineering\development "confirms your submitted bug."

It is just amazing how people mis-state the facts.
That opens one's eyes. Is this whole 'Bug Reporting' thing on the Comodo Forum then just nothing more than a fake reporting spot which is not taken seriously by Comodo as they didn't work on / fix any of those bugs in the past two+ years?
 

ForgottenSeer 97327

That opens one's eyes. Is this whole 'Bug Reporting' thing on the Comodo Forum then just nothing more than a fake reporting spot which is not taken seriously by Comodo as they didn't work on / fix any of those bugs in the past two+ years?
Yes see answer of the chosen one
The other thing is that Melih just does not care what people think and what they post on forums. He has stated as much on his own forum and given the reasons why.
On top of that they have a slow update policy
Oerlink said:
Comodo will make a release and then the next one will be 2 years from now. This is how Comodo has always operated. Long periods of time between updates - UNLESS - someone PROVES there is a serious security breakage in the product. Even then Comodo is slow to release an update.
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Comodo is a very old company... and Comodo never was capable to rank in first places.
This statement is partially true; not only did Comodo never rank first anywhere, but it has never even participated. There are no test records that can be pulled out.

Comodo had a beef with Symantec for years, much can be found online, also here: Symantec answers Comodo | IT World Canada News

Melih demanded that both Symantec/Norton and Comodo be put side by side to see who will win.
In a forum post back then, years ago, he stated he would release a Norton vs Comodo video to see “who will protect better. $$$ Norton or the free Comodo”. In the end, he did not release anything and he did not sign up their product to any tests to prove it was better than Norton or anyone else.

The thing about Comodo’s technology is that it needs to be deployed wisely and a whitelist to be maintained at all times. Otherwise you risk causing more problems than you solve.
 

ForgottenSeer 97327

I don't recall the name of the website, but I remember their Firewall used to be number one 90% of the time on a website which compared firewalls only. I also found Comodo test on AV-Test
Test Antivirus-Programme Comodo (latest from 2019) and it also participated in the 2020 round of AV-Labs and was awarded product of the year https://avlab.pl/wp-content/uploads/2021/01/AVLab-Product-of-the-year-2020.pdf

To be fair there is only 1 critical vulnerability reported in two years (in 2022 which is still not fixed): CVE-2022-34008 : Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privil On the other hand on Comodo's forum two rather serious Sandbox bypasses are mentioned List of current bugs - News / Announcements / Feedback - CIS , which might also indicate that Comodo is not put to test anymore (since it has not received updates for two years, there won't be a bug bounty program either).

According to these references latest Comodo version has at least three unfixed serious holes in its defense! o_O

Oh @Oerlink brother where art thou to provide us mortals the thoughts and insights of his Melihness on this matter? :)
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
I don't recall the name of the website, but I remember their Firewall used to be number one 90% of the time on a website which compared firewalls only. I also found Comodo test on AV-Test
Test Antivirus-Programme Comodo (from 2019)

To be fair there is only 1 critical vulnerability reported in two years (in 2022 which is still not fixed): CVE-2022-34008 : Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privil
I did not recall these tests to be honest, but everyone scores high there so I am not even following them anymore.

In regards to the vulnerabilities, I am sure there are many more. The scale of deployment, a.k.a. market share of the product, is too low to make it an attractive “honeypot” for attackers, but there is no way for a seemingly-abandoned product to not be vulnerable. This makes things counter-productive - you are installing security but your security itself is the door to attacks.
There are more vulnerabilities and bypasses that are not discovered and as I said in a post above, there is no evidence that Comodo was ever designed in a secure way or that it is fit for the purpose.

Every antivirus relies on various frameworks, engines and third-party libraries as well. Together with Comodo vulnerabilities, all security holes in these third-party components (boost framework, 7zip/zlib, UI HTML renders and others) are also applicable.

There was an incorrect statement by @Oerlink that “AV Vendors distribute just basic bug fixes”. They distribute updated libraries and new features as well - when needed. McAfee was also recently entirely re-written from scratch:
 

ForgottenSeer 98186

Oh @Oerlink brother where art thou to provide us mortals the thoughts and insights of his Melihness on this matter? :)
LOL

01 February 2023:



 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
LOL

01 February 2023:



Now that you feel stuck in a corner, unable to wiggle left and right anymore, this is your answer… LOL and a link to Melih’s professional profiles, as well as a video we’ve all seen. I expected more!
 

Decopi

Level 8
Verified
Oct 29, 2017
361
This statement is partially true; not only did Comodo never rank first anywhere, but it has never even participated. There are no test records that can be pulled out.

Just complementing:

Considering that Comodo is one of the oldest companies in the industry, and independently of having or not having official testers, Comodo for years and years has been reviewed by tons of magazines/articles. And compared to its competitors, Comodo was almost never in top rankings. Comodo is a mediocre company and quite unsuccessful.

By the way, it is also good to remember that years ago Comodo Firewall allowed malware to pass (inside CCleaner) because Comodo itself released the certificate, and the malware was considered harmless (was considered not malware) by Comodo. I repeat, we are talking about a serious bug specifically on Comodo Firewall (They said The Titanic was unsinkable... yet the "ship that could never sink" sank).

I'm not trying to destroy Comodo's reputation.
I'm just making it clear that fanboys@girls are delusional.
 

ForgottenSeer 98186



"I too have a 2 year old CIS on my computers and they it just works! ;)"

-- Melih

LOL



Obviously nobody here bothers to read what Melih says... lol

There is no dedicated CF\CIS developer team at Comodo. Melih has them working on other projects all the time but it seems people cannot figure this out. For the past two years Melih had his development team working on his other company projects (Melih owns multiple companies) and then the Xcitium project.


Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Just complementing:

Considering that Comodo is one of the oldest companies in the industry, and independently of having or not having official testers, Comodo for years and years has been reviewed by tons of magazines/articles. And compared to its competitors, Comodo was almost never in top rankings. Comodo is a mediocre company and quite unsuccessful.

By the way, it is also good to remember that years ago Comodo Firewall allowed malware to pass (inside CCleaner) because Comodo itself released the certificate, and the malware was considered harmless (was considered not malware) by Comodo. I repeat, we are talking about a serious bug specifically on Comodo Firewall (They said The Titanic was unsinkable... yet the "ship that could never sink" sank).

I'm not trying to destroy Comodo's reputation.
I'm just making it clear that fanboys@girls are delusional.
Signed malware and even worse, supply chain attacks can evade many defences from many companies and according to Trend Micro papers, a certificate from a company of choice is on sale for 10K, whilst from Sectigo it is much cheaper. The paper is linked in my original post above.

I won’t go into details who’s more vulnerable to signed malware, but nobody is immune — Including Comodo with the magical sandbox. That’s why it’s wrong saying “it’s ahead of its time, it doesn’t need updates”.

Attackers are always very creative and there is hardly any measure that they haven’t managed to work around.
 

ForgottenSeer 97327

LOL

01 February 2023:

His Melihness does not respond to the questions of his loyal users about the updates which are necessary to patch these 3 security holes in Comodo. Note that the two Sandbox bypasses in the Comodo bug list seem to have proof of concepts added to the bug-report! CVEs are always checked, so there are at least 3 very serious holes in current Comodo version (does not matter whether you use Cruel Sister config, because they are sandbox bypasses).

----------- ignored security holes also affecting Cruel Sister config

To be fair there is only 1 critical vulnerability reported in two years (in 2022 which is still not fixed): CVE-2022-34008 : Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privil On the other hand on Comodo's forum two rather serious Sandbox bypasses are mentioned List of current bugs - News / Announcements / Feedback - CIS , which might also indicate that Comodo is not put to test anymore (since it has not received updates for two years, there won't be a bug bounty program either).

______
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
His Melihness does not respond to the questions of his loyal users about the updates which are necessary to patch these 3 security holes in Comodo. Note that the two Sandbox bypasses in the Comodo bug list seem to have proof of concepts added to the bug-report! CVEs are always checked, so there are at least 3 very serious holes in current Comodo version (does not matter whether you use Cruel Sister config, because they are sandbox bypasses).

----------- ignored security holes also affecting Cruel Sister config

To be fair there is only 1 critical vulnerability reported in two years (in 2022 which is still not fixed): CVE-2022-34008 : Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privil On the other hand on Comodo's forum two rather serious Sandbox bypasses are mentioned List of current bugs - News / Announcements / Feedback - CIS , which might also indicate that Comodo is not put to test anymore (since it has not received updates for two years, there won't be a bug bounty program either).

______

You fail to understand and comprehend. His loyal Melihness stressed a few times that “someone is working hard all the time, 24/7”. You just have to wait… like… forever. The updates and results of this nowhere-to-be-seen hard work will be delivered.
 

ForgottenSeer 98186

so there are at least 3 very serious holes in current Comodo version (does not matter whether you use Cruel Sister config, because they are sandbox bypasses).
You are calling them "very serious holes." That is an exaggeration, but I will give you an opportunity to explain to us all how those bugs can compromise a system.

Please explain how "able to overwrite file contents with NULL bytes using FSCTL_SET_ZERO_DATA I/O control code" can be incorporated into a malware to breach a system. Do you even know what "overwrite file contents with NULL bytes" means? Can it be used to create a persistent infection?

Please explain how "SetVolumeMountPoint and DeleteVolumeMountPoint" can be used to compromise a system. Is it even a real threat?

It is one thing if you understand fully what bugs 3 and 4 actually mean in terms of real system compromise, but you obviously don't understand and are just automatically calling them "very serious holes."

That’s why it’s wrong saying “it’s ahead of its time, it doesn’t need updates”.
Who said "Comodo does not need updates"? Nobody on this forum nor at Comodo ever said that.
 

ForgottenSeer 97327

You are calling them "very serious holes." That is an exaggeration, but I will give you an opportunity to explain to us all how those bugs can compromise a system.

Please explain how "able to overwrite file contents with NULL bytes using FSCTL_SET_ZERO_DATA I/O control code" can be incorporated into a malware to breach a system. Do you even know what "overwrite file contents with NULL bytes" means? Can it be used to create a persistent infection?

Please explain how "SetVolumeMountPoint and DeleteVolumeMountPoint" can be used to compromise a system. Is it even a real threat?

It is one thing if you understand fully what bugs 3 and 4 actually mean in terms of real system compromise, but you obviously don't understand and are just automatically calling them "very serious holes."
The CVE is a standard weighted vulnerability and exposure assessment, above 7 is a serious problem. Overwrite file contents with NULL bytes means that they are overwritten with low values (hex 00). With Set and Delete Volume Mount points you can set and delete the links and references of a folder structure. This means you can mess around with data (for instance to escape the sandbox). :ROFLMAO: :ROFLMAO: :ROFLMAO:

You are great at challenging others, but so far always failed to answer hard questions by ignoring them. I will give an easy one: do you know why the CVE rating is accepted across the IT-industry?
 

Decopi

Level 8
Verified
Oct 29, 2017
361
Signed malware and even worse, supply chain attacks can evade many defences from many companies and according to Trend Micro papers, a certificate from a company of choice is on sale for 10K, whilst from Sectigo it is much cheaper. The paper is linked in my original post above.

I won’t go into details who’s more vulnerable to signed malware, but nobody is immune — Including Comodo with the magical sandbox. That’s why it’s wrong saying “it’s ahead of its time, it doesn’t need updates”.

Attackers are always very creative and there is hardly any measure that they haven’t managed to work around.

Yeah, totally agree with you.
But honestly, Comodo never worried me. I stopped using it some time ago and never missed it.

What worries me are the fanboy&girl fallacies:
"If it works for me, then it works for everybody"
"It's so good, that it doesn't need upgrades nor updates"
"Bugs are only about GUI"
"Bugs are not dangerous"
"Youtube shows that it works, then that's the ultimate proof"
"Comodo is unbeatable, superb. The CCleaner issue was nothing, The Titanic sunk because all boats sink"
"It's fully compatible with Win 11 because I believe that"
"I use it because I trust users in this forum"
etc etc etc... bah blah blah.

Fanboy&girl irresponsible attitudes are much worse than Comodo failures.
The bizarre situation is so delusional and irrational that as said before in previous posts, it seems that some of these guys are not fans at all, they're just paid guys to post positive commentaries.
 

ForgottenSeer 98186

You fail to understand and comprehend. His loyal Melihness stressed a few times that “someone is working hard all the time, 24/7”. You just have to wait… like… forever. The updates and results of this nowhere-to-be-seen hard work will be delivered.
It is a freeware product. Melih and Comodo do not owe anybody anything. If people do not like how Comodo does things, then they can use another vendor's product.

It is a very simple concept that even a 5 year old can understand.
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
You are calling them "very serious holes." That is an exaggeration, but I will give you an opportunity to explain to us all how those bugs can compromise a system.

Please explain how "able to overwrite file contents with NULL bytes using FSCTL_SET_ZERO_DATA I/O control code" can be incorporated into a malware to breach a system. Do you even know what "overwrite file contents with NULL bytes" means? Can it be used to create a persistent infection?

Please explain how "SetVolumeMountPoint and DeleteVolumeMountPoint" can be used to compromise a system. Is it even a real threat?

It is one thing if you understand fully what bugs 3 and 4 actually mean in terms of real system compromise, but you obviously don't understand and are just automatically calling them "very serious holes."
You are just diminishing what everyone says and attempting to make people look incompetent to support a product of your choice. In psychology, this is called choice-supportive bias and it quickly makes one lose credibility. So far, I didn’t see you answer any of my questions, nor do I see you providing any evidence that the 6 key issues I enumerated in a post above are not true.

Whilst other people support everything they say with evidence. At that point it becomes clear who to trust really. We have unsupported fanboyism vs evidence… I mean… you get it.

Btw a user of this forum or a user of Comodo product, or any other user in fact, is not obliged to understand Microsoft’s low-level hardware management, APIs or any other part of the Windows operating system.

If the business standing behind the oh-so-amazing product you so violently and wholeheartedly support is a real business interested in securing innocent, connected users, EVERY vulnerability, even the most minor one should be treated as urgent and fixed.

Full stop.
 